Vulnerabilities > Cerebrate Project > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-03-27 CVE-2023-28883 SQL Injection vulnerability in Cerebrate-Project Cerebrate 1.13
In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint.
network
low complexity
cerebrate-project CWE-89
critical
 9.8
9.8
2023-02-24 CVE-2023-26468 Unspecified vulnerability in Cerebrate-Project Cerebrate 1.12
Cerebrate 1.12 does not properly consider organisation_id during creation of API keys.
network
low complexity
cerebrate-project
critical
 9.1
9.1